OpenVPN Access Server Vulnerabilities: Risk of Information Exposure, D...
OpenVPN Access Server Vulnerabilities: Risk of Information Exposure, DoS, and RCE (CVE-2023-46849, CVE-2023-46850) Last week, OpenVPN Access Server, a widely-used open-source VPN solution, received an...
Lessons Learned From Israel-Hamas Conflict: A Cybersecurity Perspectiv...
Lessons Learned From Israel-Hamas Conflict: A Cybersecurity Perspective The Israel-Hamas conflict, which started with the surprise attack of Hamas militants on Israeli territory on October 7, escalate...
Major Cyberattacks in Review: October 2023
Major Cyberattacks in Review: October 2023 In October 2023, a surge of cyber incidents underscored the persistent and evolving threats confronting organizations. October 2023 witnessed a range of mali...
Sumo Logic Security Breach: Unauthorized Access to AWS with Stolen Cre...
Sumo Logic Security Breach: Unauthorized Access to AWS with Stolen Credentials Sumo Logic, a cybersecurity company renowned for its expertise in cloud-based log management, analytics, and insights, re...
Path Traversal Leading to Compromise: SysAid On-Prem Software CVE-2023...
Path Traversal Leading to Compromise: SysAid On-Prem Software CVE-2023-47246 Vulnerability [Update] November 15, 2023: See the subheadings: “Nuclei Template Now Available, Scan for the SysAid Vulnerab...
Surge in Attention Towards Critical Vulnerabilities in QNAP QTS and NA...
Surge in Attention Towards Critical Vulnerabilities in QNAP QTS and NAS Services (CVE-2023-23368, CVE-2023-23369) QNAP recently published advisories for two critical command injection vulnerabilities,...
The Landscape of Hacktivism in the Context of Current Events
The Landscape of Hacktivism in the Context of Current Events Hacktivism, may be defined in the dictionary as a mixture of the words “hacking” and “activism,” encompasses the st...
New Microsoft Exchange Zero-Day Vulnerabilities Could Lead to RCE, SSR...
New Microsoft Exchange Zero-Day Vulnerabilities Could Lead to RCE, SSRF (ZDI-23-1578, ZDI-23-1579, ZDI-23-1580, ZDI-23-1581) The discovery of four new zero-day vulnerabilities in Microsoft Exchange is...
New Gootloader Variant “GootBot” Changes the Game in Malware Tactics...
New Gootloader Variant “GootBot” Changes the Game in Malware Tactics Researchers recently identified a fresh Gootloader malware variant known as “GootBot,” used in SEO poisoning attacks. T...
Japanese IT Breach, CPanel Auctions, LinkedIn Data Leak
Japanese IT Breach, CPanel Auctions, LinkedIn Data Leak The SOCRadar Dark Web Team has meticulously documented a series of disturbing transactions within the obscured recesses of the dark web. These i...
Dark Peep #4: Ransomware For Sale
Dark Peep #4: Ransomware For Sale October finally ended; we hope the cybersecurity awareness month was helpful for everyone. In this issue of Dark Peep, we will discuss the interesting events that cau...
The Five Families: Hacker Collaboration Redefining the Game
The Five Families: Hacker Collaboration Redefining the Game At the end of the Summer of 2023, five hacker groups, including ThreatSec, GhostSec, Stormous, Blackforums, and SiegedSec, have collectively...
Critical RCE Vulnerability in Apache ActiveMQ Is Targeted by HelloKitt...
Critical RCE Vulnerability in Apache ActiveMQ Is Targeted by HelloKitty Ransomware (CVE-2023-46604) [Update] December 19, 2023: “Ongoing Exploitation of Apache ActiveMQ Vulnerability: Threat Actors L...
Counter-Ransomware Initiative: A United Front Against Ransomware
Counter-Ransomware Initiative: A United Front Against Ransomware [Update] November 9, 2023: Boeing was once again leaked on the victim site of the LockBit*** [Update] November 3, 2023: LockBit lists B...
Atlassian CISO Announced: Improper Authorization Vulnerability Detecte...
Atlassian CISO Announced: Improper Authorization Vulnerability Detected on Confluence Data Center and Server (CVE-2023-22518) [Update] November 8, 2023: CISA has included the CVE-2023-22158 vulnerabil...
Dark Opinion: Doing Things Under the Rose, Proxy Data Recovery Compani...
Dark Opinion: Doing Things Under the Rose, Proxy Data Recovery Companies for Ransomware Negotiation During the pandemic, a lot of untrue stories spread around. This happened a lot after people started...
Trick or Threat: Diving into Spooky Techniques of Ransomware Groups
Trick or Threat: Diving into Spooky Techniques of Ransomware Groups October, a month of chilling winds, pumpkin spice, and haunting tales, also marks Cybersecurity Awareness Month. An annual campaign,...
New Bulletin by CISA on Rising Vulnerabilities: Apache, BIG-IP, IBM, V...
New Bulletin by CISA on Rising Vulnerabilities: Apache, BIG-IP, IBM, VMware, WordPress, and More The Cybersecurity and Infrastructure Security Agency (CISA) released a summary of new vulnerabilities w...
How to Utilize Attack Surface Management and Vulnerability Intelligenc...
How to Utilize Attack Surface Management and Vulnerability Intelligence for ‘Vulnerability Mapping’ The concept of vulnerability is a persistent shadow that haunts the digital realm; it is an element ...
British and Mexican Companies’ Access Sales, Airline Breach, US Citize...
British and Mexican Companies’ Access Sales, Airline Breach, US Citizen Data Leak The relentless pace of dark web threats persists. The SOCRadar Dark Web Team reveals a fresh wave of illicit activitie...